The Hacker News

Google Details Turla's New STOCKSTAY Backdoor Used in Ukraine Espionage Attacks

Google links Turla to STOCKSTAY, a new .NET backdoor used in phishing attacks against Ukraine government and military targets ...

Boffin claims Microsoft's supposed quantum leap does not compute due to 'basic Python errors'

Prestigious journal Nature has published a peer-reviewed critique of Microsoft's claims to have made quantum computing ...
cryptopolitan

Microsoft, Google patch flaws as Cordyceps spread across open-source repositories

Security researchers at Novee found over 300 exploitable CI/CD workflow chains across repositories belonging to Microsoft, Google, Apache, Cloudflare, and the Python Software Foundation. The flaws ...
SecurityWeek

Exploitable CI/CD Vulnerabilities Expose Millions of Repositories to Hijacking

Cordyceps, a systemic class of exploitable CI/CD vulnerabilities, allows unauthenticated attackers to hijack developer ...
The Hacker News

Cordyceps CI/CD Flaws Expose 300+ GitHub Repositories to Supply-Chain Attacks

Researchers found Cordyceps CI/CD flaws affecting 300+ repositories, enabling code execution, credential theft, and supply ...
CRN

10 Major Cyberattacks And Data Breaches In 2026 (So Far)

The first half of 2026 saw a renewed surge of widely felt cyberattacks and data breaches—with many indicators pointing to increased usage of AI-powered capabilities. Major incidents included zero-day ...
Unite.AI

OpenAI’s Daybreak Wants to Own the Patch, Not Just the Bug

OpenAI expanded its Daybreak security program on June 22, 2026, and it's easy to read the announcement as one more model drop ...
techtimes

OpenAI Daybreak Expands Patch Pipeline as Five Eyes Warns AI Attacks Are Months Away

The same day OpenAI announced the most significant expansion of its Daybreak cybersecurity initiative since the platform launched in May, intelligence agencies from all five nations of the Five Eyes ...
Dark Reading

'Cordyceps': Mushrooming Malicious Pull Requests Threaten Developer Workflows

By targeting the automated workflows around repositories with targeted pull requests, attackers can potentially target ...

Microsoft fixes AutoGen Studio flaw that enabled code execution

A vulnerability chain dubbed AutoJack in Microsoft's AutoGen Studio interface for prototyping AI agents could let attackers ...

AryStinger botnet infected thousands of D-Link routers worldwide

A previously undocumented malware botnet named AryStinger has compromised more than 4,000 outdated routers to turn them into ...